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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 
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- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )M Responsive to communication(s) filed on 9 November 2000 . 
2a)D This action is FINAL. 2b)H This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 11, 453 O.G. 213. 
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4) E3 Claim(s) 1-26 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) |3 Claim(s) 1-26 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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application from the International Bureau (PCT Rule 17.2(a)). 
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a) □ The translation of the foreign language provisional application has been received. 
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DETAILED ACTION 



Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1 (a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1 (2) of such treaty in the English language. 

Claims 1-26 are rejected under 35 U.S.C. 102(e) as being anticipated by Dutta (U.S. 
Patent 6,574,666 Bl). 

In reference to claim 1, Dutta suggests a firewall device having a plurality of 
communication interfaces, a firewall system comprising: a) a firewall core connected to each 
said communication interface (column 4 lines 63-66); and b) at least one inspection module 
coupled for communication to said firewall core, said inspection module configured to provide 
protocol inspection of data packets to said firewall core (column 5 lines 1-12), said firewall core 
configured to receive data packets from said interfaces and communicate said packets to said 
inspection module for inspection, said inspection module is further configured to be installed 
during the operation of the firewall system (column 3 lines 14-30). 

In reference to claim 6, Dutta suggests a firewall device having a plurality of 
communication interfaces, a firewall core configured to be coupled to at least one inspection 
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module, said firewall core comprising: a) a communication unit operatively coupled to the 
communication interfaces (column 4 lines 63-66); and b) a set of callback functions, retrieved 
from said inspection module, each said function providing communication between said firewall 
core and said inspection module. The use of callback functions is an inherent method of efficient 
communication between two different systems; the systems in this case are the firewall processor 
and the fetch processor (column 4 lines 41-50). 

In reference to claim 10, Dutta suggests a firewall device having a plurality of 
communication interfaces and a firewall core coupled to the communication interfaces, an 
inspection module to configured to couple with the firewall core, said inspection module 
comprising: a) an inspection unit configured to inspect and authorize data packets (column 5 
lines 1-12); and b) a function table having a set of callback functions each said function 
providing communication between said firewall core and said inspection module. A function 
table is an obvious method for an operating system to implement call back functions for 
communication between two systems, which in this case would be the firewall instruction 
processor and the fetching instruction processor (column 4 lines 42-46). 

In reference to claims 15 and 21, Dutta suggests a firewall device having a firewall 
system including a firewall core, a method for adding protocol knowledge to the firewall system 
during runtime comprising: a) loading an inspection module comprising new protocol inspection 
knowledge and a function table having a set of callback functions (column 3 lines 14-25); to b) 
notifying the firewall core of said inspection module (column 3 lines 26-33); and c) 
communicating said set of callback functions to said firewall core. The use of callback functions 
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is an inherent method of efficient communication between two different systems, in this case the 
systems are the firewall processor and the fetch processor (column 4 lines 41-50). 



In reference to claims 2-5 and 13, 7-9, 11-12 and 14, 16-20, and 22-26 are rejected as 
rejections in claims 1,6, 10, 15, and 21. 

Regarding claim 2, wherein said inspection module is installed into a memory space 
monitored by said firewall core (column 4 lines 41-62). 

Regarding claim 3, wherein said inspection module further comprises callback functions, 
said functions communicated to said firewall core and providing communication between said 
firewall core and said inspection module. The use of callback functions is an inherent method of 
defining functions for efficient communication between two systems. The systems in this case 
are the firewall processor and the fetch processor (column 4 lines 41-50). 

Regarding claim 4, wherein said inspection module is further configured to indicate to 
said firewall core for which data packets said inspection module is configured to provide 
inspection (column 4 line 66 to column 5 line 12). 

Regarding claim 5, wherein said data packets intercepted by said firewall core further 
includes session information comprising address and port data, said firewall core further 
configured to map said session information to corresponding inspection modules (column 2 line 
60 to column 3 line 5 in combination with column 4 lines 32-50). Packet Filter Router rules are 
based on address and port information, therefore, the address and port information obviously 
must be contained within the packets. 
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Regarding claim 7, wherein said communication unit is further configured to intercept 
network data communicated via said network interfaces (column 3 lines 46-65). 

Regarding claim 8, further comprising a session mapping unit, said data packets 
intercepted by said firewall core further including session information comprising address and 
port data, said firewall core further configured to map said session information to corresponding 
inspection modules into a session mapping and store said session mapping into said session 
mapping unit (column 2 line 60 to column 3 line 5 in combination with column 4 lines 32-50). 
Packet Filter Router rules are based on address and port information, therefore, the address and 
port information obviously must be contained within the packets. 

Regarding claim 9, wherein said communication unit is further configured to 
communicate packets between said communication interfaces and said inspection module for 
inspection (column 4 line 63 to column 5 line 12). 

Regarding claim 1 1, wherein said inspection unit is further configured to be installed 
during the operation of the firewall core. The rules retrieved by the filter processor to update the 
filter processor are retrieved during the operation of the filter processor. 

Regarding claim 12, wherein said inspection module is installed into a memory space 
monitored by said firewall core (column 4 lines 50-55). 

Regarding claim 13. The firewall system of claim 1, wherein said inspection module is 
further configured to indicate to said firewall core for which data packets said inspection module 
is configured to provide inspection (column 5 lines 1-12). 

Regarding claim 14, where in said inspection unit is further configured to receive and 
inspect packets communicated from the firewall core (column 5 lines 5-12). 
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Regarding claims 16 and 22, further comprising enabling said inspection module, prior to 
communicating said set of callback function to said firewall core. The new information is used 
to filter packets therefore the new rules, provided by the filter processor, are in an enabled state 
similar to the state of the inspection module. 

Regarding claims 17 and 23, further comprising inspecting of packets by said inspection 
module, said packets communicated from the firewall core to said inspection module (column 5 
lines 1-12). 

Regarding claims 18 and 24, wherein said notifying the firewall core comprises loading 
said inspection module into a memory space monitored by the firewall core (column 4 lines 50- 



Regarding claims 19 and 25, wherein said notifying the firewall core comprises 
transmitting a signal to the firewall core to indicate the installation of said inspection module 
(column 3 lines 25-32). 

Regarding claims 20 and 26, further comprising indicating by said inspection module for 
which data packets said inspection module provides inspection (column 5 lines 1-12). 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W Klimach whose telephone number is (703) 305-8421. 
The examiner can normally be reached on Mon to Thr 9:30 a.m to 5:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (703) 305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is (703) 872-9306. 



55). 



Conclusion 
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Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703) 305-4832. 



PWK 

Wednesday, November 26, 2003 



AYAZ SHEIKH 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



